Menu

Get started with our Verified Tokens API

API v3
Last updated March 2021

Make yourself familiar with ourAPI Principlesto ensure a resilient integration.


Set your headers

Setting your headers is an important part of an API request. The headers represent the meta-data associated with your API request.

Copied!
Authorization : {your_credentials}
Content-Type : application/vnd.worldpay.verified-tokens-v3.hal+json
Accept : application/vnd.worldpay.verified-tokens-v3.hal+json
HeaderDescription
AuthorizationWe use the Authorization header to identify and authenticate you within Access Worldpay. You must use the Authorization header for any request you send to our Verified Tokens API, unless you are using client certificate authentication over TLS. If you must use this, read our reference guide onAuthenticating with SSL/TLS.
Content-TypeWe require the Content-Type header if the request you're sending includes a request body, and if the HTTP method is a POST or a PUT.
AcceptWe use the Accept header to identify which version of our Verified Tokens API you are using. You must use the Accept header for any request you send to our Verified Tokens API.

If you're using both the Content-Type and Accept headers, they must match.

Note: Replace {your_credentials} with your base64-encoded Basic Auth username and password. To get your Access Worldpay credentials contact yourImplementation Manager.

Query the root resource

Our APIs guide you by providing you with links to the next available actions.

To discover and start using our APIs you must first query the root resource. This returns the available resources within Access Worldpay.

Request

GET https://try.access.worldpay.com/

Note: No request body is needed for this request.

Response

You receive all our available API resources in the response.

Copied!
{
    "_links": {
        "payments:authorize": {
            "href": "https://try.access.worldpay.com/payments/authorizations"
        },
        "service:payments": {
            "href": "https://try.access.worldpay.com/payments"
        },
        "service:tokens": {
            "href": "https://try.access.worldpay.com/tokens"
        },
        "service:verifications/accounts": {
            "href": "https://try.access.worldpay.com/verifications/accounts"
        },
        "service:verifications/customers/3ds": {
            "href": "https://try.access.worldpay.com/verifications/customers/3ds"
        },
        "service:verifiedTokens": {
            "href": "https://try.access.worldpay.com/verifiedTokens"
        },
        "service:payouts": {
            "href": "https://try.access.worldpay.com/payouts"
        },
        "curies": [{
            "href": "https://try.access.worldpay.com/rels/payments/{rel}",
            "name": "payments",
            "templated": true
        }]
    }
}

Query the Verified Tokens root resource

Query the service:verifiedTokens resource which gives you links to your next available actions and resources for our Verified Tokens API.

The request

GET https://try.access.worldpay.com/verifiedTokens

Note: No request body is needed for this request.

The response

You receive all our available API resources in the response.

Copied!
{
  "_links": {
    "verifiedTokens:cardOnFile": {
      "href": "https://try.access.worldpay.com/verifiedTokens/cardOnFile"
    },
    "verifiedTokens:sessions": {
      "href": "https://try.access.worldpay.com/verifiedTokens/sessions"
    },
    "resourceTree": {
      "href": "https://try.access.worldpay.com/rels/verifiedTokens/resourceTree.json"
    },
    "curies": [
      {
        "href": "https://try.access.worldpay.com/rels/verifiedTokens/{rel}.json",
        "name": "verifiedTokens",
        "templated": true
      }
    ]
  }
}

Resources

ResourcesDescription
verifiedTokens:cardOnFileCreate a Verified Tokenthat you use to take card on file payments. Card on file payments are payments made by the customer using payment instrument details that have already been stored.
verifiedTokens:sessionsUsed by theAccess Checkout SDKto create a session.

Note: When you retrieve the root resource, you should cache the action links provided in the response for a period of time.

Next steps


Create a verified token